We have an upcoming case where we need pseudo-random numbers to scatter timings, but we don't need cryptographically strong random numbers. libc's built in random() is fine for this purpose, but we should seed it. Extend secret_init() - the only current user of random numbers - to do this as well as generating the SipHash secret. Using /dev/random for a PRNG seed is probably overkill, but it's simple and we only do it once, so we might as well. Signed-off-by: David Gibson <david(a)gibson.dropbear.id.au> --- passt.c | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/passt.c b/passt.c index 73649de..83b26c5 100644 --- a/passt.c +++ b/passt.c @@ -110,12 +110,19 @@ static void post_handler(struct ctx *c, const struct timespec *now) } /** - * secret_init() - Create secret value for SipHash calculations + * random_init() - Initialise things based on random data * @c: Execution context */ -static void secret_init(struct ctx *c) +static void random_init(struct ctx *c) { + unsigned int seed; + + /* Create secret value for SipHash calculations */ raw_random(&c->hash_secret, sizeof(c->hash_secret)); + + /* Seed pseudo-RNG for things that need non-cryptographic random */ + raw_random(&seed, sizeof(seed)); + srandom(seed); } /** @@ -236,7 +243,7 @@ int main(int argc, char **argv) tap_sock_init(&c); - secret_init(&c); + random_init(&c); if (clock_gettime(CLOCK_MONOTONIC, &now)) die_perror("Failed to get CLOCK_MONOTONIC time"); -- 2.47.0
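Review bot: in the random_init() hunk, the new kerneldoc line "Initialise things based on random data" is less informative than the line it replaces, since the function now does two distinct, visible jobs; suggest stating both, e.g. "random_init() - Create SipHash secret and seed the libc PRNG", and tightening the second in-function comment to "Seed the libc PRNG for callers that need non-cryptographic randomness". Also worth a sentence in the doc comment that the seed is drawn from the same raw_random() source the commit message describes as /dev/random, so a future reader knows both reads share that cost at startup.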
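Review bot: in the main() hunk, random_init(&c) keeps the old secret_init() position, after tap_sock_init(&c), so any call to random() made before that point (now or by the upcoming timing-scatter user) would run with libc's default seed rather than the one this patch installs. Suggest either moving random_init(&c) ahead of tap_sock_init(&c) or adding a comment at the call site noting that random() must not be used before this line.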